Android malware samples jump six-fold in Q2

Malware samples which consist mostly of mobile spyware rocketed to over 120,000 last month within three months. The OS's application signing shows further weakness, according to Alcatel-Lucent's Kindsight Security Labs study.

Overall, 0.52 percent of devices were infected with high threat level malware, a slight increase from 0.5 percent last quarter. Majority of infected devices are either Android phones or Windows laptop tethered to a phone or connected directly through a mobile USB stick or Mi-Fi hub.

The number of infected Android devices are also starting to dominate the total number of infected mobile devices.

Android malware samples growth from July 2012 to June 2013 (Source: Alcatel-Lucent)

Mobile device infection rate from January to June 2013 (Source: Alcatel-Lucent)

According to the report, the major infection vector comes from Trojanized apps distributed from Google Play Store, legitimate third party app stores or "shadier" app stores specializing in pirated applications. While Google Play had made efforts to scan and remove any apps containing malware, many of the third party app stores have not checked for apps containing malware.

Most mobile threats detected belong to the spyware category, and this poses a large threat to organizations in the Bring Your Own Device (BYOD) era because they can be installed on an employee's phone for industrial or corporate espionage.

The report also found vulnerabilities existed when it came to Android application signing. All Android applications need to be signed cryptographically, which can help verify the identity of the application author and ensure the application has not been tampered with but issues exist on this model, the report noted.

While the Android operating system checks the app has been signed, it makes no attempt to verify that the signature is legitimate, but simply accepts any old signatures. This allows the "signer" to put any information they want into the certificate, making it easy to make pirated copies of applications with Trojan services injected into them.

Rise of home networks infected with malware

In terms of fixed broadband deployments in Q2 this year, 10 percent of residential households also showed evidence of malware infection, an increase from 9 percent infection last quarter.

Of which, 6 percent of households were infected by a high threat level malware such as a botnet, rootkit or banking Trojan, while 5 percent of households also infected with a moderate threat level malware such as spyware, browser hijackers or adware. Some households had multiple infections including both high and moderate threat level infections.

Home networks infected with malware and the division of infection by threat level in Q2 2013 (Source: Alcatel-Lucent)

The ZeroAccess Bot remains the most common malware threat in Q2, infecting about 0.8 percent of broadband users. It uses rootkit technology to conceal its presence, while downloading additional malware used in a large scale ad-click fraud. This can cost Internet advertisers millions of dollars and when aggregated over a month, it can be quite significant for the user.

Thank You

By registering you become a member of the CBS Interactive family of sites and you have read and agree to the Terms of Use, Privacy Policy and Video Services Policy. You agree to receive updates, alerts and promotions from CBS and that CBS may share information about you with our marketing partners so that they may contact you by email or otherwise about their products or services.
You will also receive a complimentary subscription to the ZDNet's Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe from these newsletters at any time.